Cyber operations remain at the forefront of confrontations between the West and Moscow as relations continue to deteriorate. Russia asserted itself in 2007 with “patriotic hackers” launching a volley of distributed denial of service (DDoS) attacks on Estonian systems. Then in 2008, cyber attacks preceded the Russo-Georgian war, and again ...

Understanding the Russian criminal underground is essential when discussing Russian proxies in cyberspace. How do cybercriminal entities interact with each other and what is their relationship with the Russian government? The Cipher Brief spoke with Ed Cabrera, the Chief Cybersecurity Officer at Trend Micro and the former Chief Information Security ...

What if network defenders knew that a cyber operation occurred during Moscow business hours, that it involved a Russian IP address, and that the cyber actors used a Cyrillic keyboard? Would those indicators by themselves be enough for attribution?  Given the Russian cyber environment, the answer is clearly “no.” Those ...